O'Reilly logo

Developing Enterprise Web Services: An Architect's Guide by James Webber - Ph.D., Sandeep Chatterjee - Ph.D.

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Architect's Notes

  • Security requires an end-to-end perspective and not just a point-to-point one. It is not simply the exchange of data between the client and the server that is important, but instead the entire path that the data takes. This includes not only technologies, but also operational processes.

  • Do not encrypt the entire message. Due to the overhead of encryption and decryption, only encrypt what needs to be encrypted. Encrypt data meant for different people using different keys. The advantage of using XML Encryption is that it supports both of these requirements.

  • Inline signatures with the information that they sign. Signed documents are important not only during transmission between parties, but also as a means to prove and enforce accountability ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required